Apply on Employer Site

Trace Systems Inc. · 3 hours ago

Cybersecurity Analyst

Portsmouth, VA

Full-time

Onsite

Mid Level

4+ years exp

Trace Systems Inc. is a company dedicated to supporting and defending national security interests through various IT and cybersecurity services. They are seeking a Cybersecurity Analyst to support the Norfolk Naval Shipyard CIO department, focusing on enhancing network security and compliance with DoD and Navy requirements.

Defense & Space

Senior Management

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Support the revision of the entire end-to-end Assessment and Authorization (A&A) process

Support for Inspection and Audit conducted at NNSY

Review A&A package submissions to ensure system/network architectures and technical/non- technical operating features adequately protect and defend against unauthorized access, ensure systems availability, and meet DoD/Navy Cyber Security (CS) implementation policy requirements and data protection safeguards

Conduct CS compliance and A&A documentation validation assessments for legacy applications, systems and networks

Develop, or expand existing A&A and CS documentation to ensure complete documentation exists in accordance with DoD A&A and IA/CS policy

Perform Cyber Compliance (CC) risk assessments to evaluate system risks and provide written risk assessment reports including overall risk analysis reviews and recommendations to the Navy Authorizing Official (NAO) and Functional Authorizing Official (FAO)

Respond to feedback from the NAO and FAO in the form of comments and instructions to ensure coordination of efforts and to correct errors, information omissions and shortfalls in A&A documentation packages

Communicate feedback to customers, coordinate corrections collect responses and validate prior to forward for processing

Develop procedures to support A&A workflow processes, criteria needed to facilitate authorization processes and NAO/FAO authorization decision milestones

Streamline A&A package efforts based on RMF status and complexity, unless operational requirements necessitate a waiver from the NNSY Package Submission Office (PSO)

Support Cyber Security readiness reporting and assess the cyber security posture and identify trends and processes potentially dangerous to network security

Verify Information Assurance (IA) and CS data for units reported via various databases such as Enterprise Mission Assurance Support Service (eMASS), Vulnerability Remediation Asset Manager (VRAM), Navy Continuous Monitoring and Risk Scoring (CMRS-N) and Department of the Navy (DON) Applications and Database Management System (DADMS)

Compile and analyze data and develop a weekly/monthly CS Dashboard for NNSY leadership review

Communicate feedback to NNSY CIO identified with CS vulnerabilities to the DODIN and coordinate corrections, collect responses and validate reporting

Provide support in drafting NNSY CIO strategies, plans, policy, and procedures

Assist with Assured Compliance Assessment System (ACAS) scans

Ensure audit artifacts are accurate, complete, and accessible, including evidence of continuous monitoring, patch management, user account management, and vulnerability remediation efforts

Coordinate with ISSMs, Information System Security Officers (ISSOs), and system owners to validate that all systems are in compliance with the Risk Management Framework (RMF) requirements and audit readiness standards

Track and report the status of audit findings and ensure all findings are assigned to responsible stakeholders, properly documented in the Plan of Action and Milestones (POA&Ms) and resolved within designated timelines

Qualification

Cybersecurity analysisRisk assessmentVulnerability analysisSecurity TestEvaluationFirewall PolicyCyber applicationsInformation AssuranceContingency planningPorts & ProtocolsCommunication skills

Required

Active, in-scope US Government issued Top Secret clearance

Due to the nature of the work and contract requirements, US Citizenship is required

Minimum of four (4) years of experience in CS analysis in support of Cyber metrics analysis, incident response and mitigation; risk mitigation analysis, developing contingency plans

CS / INFOSEC concepts and requirements

System / network vulnerability analysis

Risk assessment and risk mitigation analysis

Security Test and Evaluation (ST&E)

Contingency planning

Firewall Policy

Ports & Protocols

Maintaining all day-to-day Vulnerability Remediation Asset Management (VRAM) activities

Entering the system baseline configuration in VRAM by uploading vulnerability scan of a representative baseline system

Experience with Cyber applications, [e.g., ACAS, HBSS, MDE, MDI, Splunk]

Expert and Mastery levels with institutional knowledge and a minimum of 4 years' experience, on the mission critical procedures, systems, and processes, as they pertain to Information Technology and Cyber Security requirements

Expert knowledge of and experience with CS requirements as defined by Public Laws, National, DoD, and DON guidance [e.g., Federal Information Security Management Act (FISMA), DoDD 8100.02, DODI 8500.01, DoDI 8520, DoDI 8530, DoDI 8531, SECNAV 5239 Series and OPNAV 5239 Series, NIST Special Publications Series 800, etc.]

Expert knowledge and experience with the requirements outlined in OPNAVINST N9210.3 Safeguarding Naval Nuclear Propulsion Information

Fully qualified in accordance with DoD 8570.01M

Bachelor's degree in an IT related discipline or Level II Certification (Security+ or better) and a minimum of four (4) years of experience in CS analysis in support of Cyber metrics analysis, incident response and mitigation; risk mitigation analysis, developing contingency plans

Company

Trace Systems Inc.

Founded in 2006

Tampa, Florida, US

201-500 employees

https://www.tracesystems.com/

Funding

Current Stage

Growth Stage

Leadership Team

Kenneth Hilton

COO

Company data provided by crunchbase